Web Analytics

FireOak Strategies Blog

Insights and articles related to knowledge management, information security, technology, data and analytics, business process automation, platform management, and other related topics, from our experienced team of consultants.

< Back to FireOak Blog

Optimize your VPN for Office 365

Increase performance and reduce system load by automatically excluding Office 365 traffic from your organization’s split tunnel VPN.


Eric Smith is the Chief Technologist and Chief Information Security Officer (CISO) for FireOak Strategies, LLC. You can reach Eric at [email protected] or follow him on Twitter at @FireOakCISO.

Increase performance and reduce system load by automatically excluding Office 365 traffic from your organization’s split tunnel VPN

Split Tunnel VPN for Office 365

As the coronavirus continues to spread, more organizations are gearing up to prepare for staff to work from home. To help our clients, we prepared this 10-point cybersecurity and knowledge management checklist. Tip #3 in the checklist includes several action items related to preparing the organization’s VPN for large-scale remote work. One of our recommended action items is to deploy a split tunnel VPN for Office 365 and other high-bandwidth cloud services so they can be accessed directly, without sending this traffic through a VPN. 

Since Microsoft already provides high-quality encryption for their Office 365 cloud services, tunneling this traffic across your organization’s VPN doesn’t appreciably increase the security of these services. Tunneling already-encrypted cloud based services isn’t a security requirement for most organizations, but excluding these services from a VPN can be tricky, as IP ranges of cloud services always change as providers upgrade and expand their environments.

Fortunately for Office 365 users, Microsoft makes an API endpoint available that contains an always up-to-date list of the IPv4 and IPv6 network addresses used to provide their cloud services. 

To help our clients and other organizations that are preparing to transition to a work from home environment in response to the coronavirus outbreak, we developed a new tool, unTun365. This tool is designed to automatically configure an OpenVPN-based VPN environment to prevent Office 365 traffic from being sent across a VPN. 

We’ve made the code for unTun365 open source and published it to GitHub in the hopes that other organizations can use it as part of their response to coronavirus.

FireOak Strategies is a boutique consulting firm that helps organizations manage, secure, and share their knowledge. We bring clarity to complexity, look for elegant and simple solutions, and make sure that organizations are focused on solving the right problems. Learn more…

Manage, secure, and share your organizational knowledge

Browse articles by topic:

Read more articles:

More from the FireOak team about managing, securing, and sharing knowledge